Lucene search

[email protected]CVE-2016-4377

HistoryAug 22, 2016 - 10:59 a.m.

CVE-2016-4377

2016-08-2210:59:06

[email protected]

web.nvd.nist.gov

cve-2016-4377

hpe

smart update

storage sizing tool

security vulnerability

remote code execution

nvd

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.1%

JSON

HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

hpconverged_infrastructure_solution_sizer_suiteRange≤2.13.0

hpinsight_management_sizerRange≤16.12.0

hppower_advisorRange≤7.8.1

hpsap_sizing_toolRange≤16.12.0

hpsizer_for_converged_systems_virtualizationRange≤16.7.0

hpsizer_for_microsoft_exchange_server_2010Range≤16.12.0

hpsizer_for_microsoft_exchange_server_2013Range≤16.12.0

hpsizer_for_microsoft_exchange_server_2016Range≤16.12.0

hpsizer_for_microsoft_lync_server_2013Range≤16.12.0

hpsizer_for_microsoft_sharepoint_2010Range≤16.11.0

hpsizer_for_microsoft_sharepoint_2013Range≤16.13.0

hpsizer_for_microsoft_skype_for_business_server_2015Range≤16.5.0

hpsizing_tool_for_sap_business_suite_powered_by_hanaRange≤16.11.0

hpstorage_sizing_toolRange≤13.0

hpsynergy_planning_toolRange≤3.2

CPENameOperatorVersion
hp:converged_infrastructure_solution_sizer_suitehp converged infrastructure solution sizer suitele2.13.0
hp:insight_management_sizerhp insight management sizerle16.12.0
hp:power_advisorhp power advisorle7.8.1
hp:sap_sizing_toolhp sap sizing toolle16.12.0
hp:sizer_for_converged_systems_virtualizationhp sizer for converged systems virtualizationle16.7.0
hp:sizer_for_microsoft_exchange_server_2010hp sizer for microsoft exchange server 2010le16.12.0
hp:sizer_for_microsoft_exchange_server_2013hp sizer for microsoft exchange server 2013le16.12.0
hp:sizer_for_microsoft_exchange_server_2016hp sizer for microsoft exchange server 2016le16.12.0
hp:sizer_for_microsoft_lync_server_2013hp sizer for microsoft lync server 2013le16.12.0
hp:sizer_for_microsoft_sharepoint_2010hp sizer for microsoft sharepoint 2010le16.11.0

CPE	Name	Operator	Version
hp:converged_infrastructure_solution_sizer_suite	hp converged infrastructure solution sizer suite	le	2.13.0
hp:insight_management_sizer	hp insight management sizer	le	16.12.0
hp:power_advisor	hp power advisor	le	7.8.1
hp:sap_sizing_tool	hp sap sizing tool	le	16.12.0
hp:sizer_for_converged_systems_virtualization	hp sizer for converged systems virtualization	le	16.7.0
hp:sizer_for_microsoft_exchange_server_2010	hp sizer for microsoft exchange server 2010	le	16.12.0
hp:sizer_for_microsoft_exchange_server_2013	hp sizer for microsoft exchange server 2013	le	16.12.0
hp:sizer_for_microsoft_exchange_server_2016	hp sizer for microsoft exchange server 2016	le	16.12.0
hp:sizer_for_microsoft_lync_server_2013	hp sizer for microsoft lync server 2013	le	16.12.0
hp:sizer_for_microsoft_sharepoint_2010	hp sizer for microsoft sharepoint 2010	le	16.11.0

Rows per page:

1-10 of 151

References

www.securityfocus.com/bid/92479

h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.1%

JSON

Related for CVE-2016-4377

openvas12 prion1 cvelist1 nvd1